Make hosts_allow_table/hosts_deny_table configurable
Bug #625299 reported by
Volodymyr Kolesnykov
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ngx_tcpwrappers |
Fix Committed
|
Wishlist
|
Volodymyr Kolesnykov | ||
Bug Description
The idea is that /etc/hosts.allow and /etc/hosts.deny are writable only by root user.
If we want to give the user ability to blacklist specific hosts/addresses for every virtual host then we need to allow to configure hosts_allow_table and hosts_deny_table.
Related branches
lp:~sjinks/ngx-tcpwrappers/lp625299
- Volodymyr Kolesnykov: Approve
-
Diff: 389 lines (+241/-65)1 file modifiedngx_tcpwrappers.c (+241/-65)
Revision history for this message
| Volodymyr Kolesnykov (sjinks) wrote | #1 |
| Changed in ngx-tcpwrappers: | |
| importance: | Undecided → Wishlist |
| status: | New → Confirmed |
| Changed in ngx-tcpwrappers: | |
| status: | Confirmed → In Progress |
| Changed in ngx-tcpwrappers: | |
| assignee: | nobody → Vladimir Kolesnikov (sjinks) |
| Changed in ngx-tcpwrappers: | |
| status: | In Progress → Fix Committed |
To post a comment you must log in.
According to <tcpd.h> we can change these global variables:
extern int allow_severity; /* for connection logging */
extern int deny_severity; /* for connection logging */
extern char *hosts_allow_table; /* for verification mode redirection */
extern char *hosts_deny_table; /* for verification mode redirection */
extern int hosts_access_
extern int rfc931_timeout; /* user lookup timeout */
extern int resident; /* > 0 if resident process */
resident should probably always be greater than 0, rfc931_timeout won't be used because RQ_USER is always STRING_UNKNOWN